Q: Hi, I’m interested in using LancePilot as part of the services I provide to my customers, and I have questions:
1️⃣ Reselling setup:
With the Tier 4 lifetime deal, how does reselling work technically?
Can I create multiple separate workspaces/accounts for clients?
Do these accounts run under my main (reseller) account, or are they entirely independent?
Do clients get their own logins, or do they access services through my interface?
2️⃣ Data privacy & compliance (technical details):
Where is the platform hosted (country/region, e.g., EU, US, etc.)?
Is user data encrypted both at rest and in transit?
Do you provide Data Processing Agreements (DPAs) or similar documents for GDPR/CCPA compliance?
Do you act as a data processor or controller under GDPR?
Are there additional compliance certifications (e.g., SOC 2, ISO 27001)?
istiakahmad
Jul 31, 2025A: Hi, thanks for your questions!
Yes, you can create separate workspaces for your clients and give them access.
We’re fully GDPR compliant.
Our platform is hosted securely on AWS.
🔒 Is user data encrypted?
Yes — data is encrypted both in transit and at rest.
In transit: All data is protected with HTTPS/TLS encryption.
At rest: Messages are stored in AWS S3 with server-side encryption (SSE-S3 or SSE-KMS).
📄 Do you provide a Data Processing Agreement (DPA)?
We don’t offer a standard DPA yet, but we follow all GDPR/CCPA guidelines and are open to discussing custom compliance needs.
🧭 Are you a data controller or processor?
We act as a data processor. You (the business) are the controller — we only process data based on your instructions.
✅ Certifications?
While Lancepilot itself doesn’t hold individual certifications yet, our infrastructure (AWS) is certified with SOC 1/2/3, ISO 27001/17/18. We also follow best practices for security, access control, and data protection.
Let us know if you have more questions or need support. We’re happy to help!